<!--
Computer Science Course 531 - Introduction to Software Engineering
Olive Insurance Client Management System (Client Database Access)
Version 1.0 (Base System)
Spring 2011

-- Source Code Details --
Page Tile: coverageTypeDetails.php
Created By: David Gonzalez, Computer Science (Undergraduate)
Documented By: Darrius Serrant, Computer Science (Undergraduate)
Purpose: User interface allowing the system administrator to quickly add new coverage types
         to the relational database for use in the employeeDetails.php and the agencyGroupDetails.php
         form pages.
Status: Completed. All essential functionality has been implemented. User interface revisions pending.
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Coverage Type Database:</title>
    </head>
    <h2>Coverage Type Database:</h2>
    <body>
        <?php
        /*
         * PHP Documentation: Handles the insertion, modification, and deletion of coverage types
         *                    based on the attributes presented in the POST header (i.e. INSERT for 'save',
         *                    UPDATE for 'update', and DELETE for 'delete').
         */
        session_start();
        require_once('connectvars.php');
        $display = "yes";
        if(isset($_SESSION['user_name'])){
            if(isset($_POST['save'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $name = mysqli_real_escape_string($dbc,trim($_POST['name']));

        if(!empty ($name)){
            $query = "INSERT INTO coverage (Name)"."VALUES ('$name')";
            $data = mysqli_query($dbc, $query) or die("Error Saving");

            mysqli_close($dbc);
            echo "Record Saved <br>";

        }
        else{
            echo "All fields need to be entered!<br>";
        }
        }
        if(isset($_POST['delete'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $name = mysqli_real_escape_string($dbc,trim($_POST['name']));

        if(!empty ($name)){
            $query = "SELECT * FROM coverage WHERE Name = '$name'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="coverageTypeDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="todelete[]" />';
                echo $row['Name'].'<br/>';
            }
            ?>

        <input type="submit" name="remove" value="Remove"/>
        <input type="submit" name="reload" value="Back"/>
        </form>
        <?php
         /*
         * PHP Documentation: Handles the insertion, modification, and deletion of coverage types
         *                    based on the attributes presented in the POST header (i.e. INSERT for 'save',
         *                    UPDATE for 'update', and DELETE for 'delete'). Continuation of what was
          *                   present in the previous block, but with the additon of search handling.
          * 
         */
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Coverage Type name";
        }
        }
        if(isset($_POST['remove'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['todelete'] as $deleteid){
                $query = "DELETE FROM coverage WHERE id = '$deleteid'";
                mysqli_query($dbc,$query) or die("ERROR DELETING");
            }
            $display = "yes";
            mysqli_close($dbc);
            echo "Record Deleted";
        }
        if(isset($_POST['find'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['toupload'] as $uploadid){
                $query = "SELECT * FROM coverage WHERE id = '$uploadid'";
                $data = mysqli_query($dbc,$query) or die("ERROR Finding");
                $row = mysqli_fetch_array($data);
            }
            $display = "No";
            echo "Record Uploaded";
            ?>
        <form action="coverageTypeDetails.php" method ="post">
        <label for ="name">Coverage Type Name:</label>
        <input type ="text" id="name" name ="name" value ="<?php echo $row['Name']?>"/><br/>
        <input type ="submit" value="Save" name ="save" />
        <input type ="submit" value="Delete" name ="delete" />
        <input type ="submit" value="Search" name ="search" />
        <input type ="submit" value="Back" name ="back" />
        </form>
        <?php
            mysqli_close($dbc);
        }
        if(isset($_POST['search'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $name = mysqli_real_escape_string($dbc,trim($_POST['name']));

        if(!empty ($name)){
            $query = "SELECT * FROM coverage WHERE Name = '$name'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="coverageTypeDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="toupload[]" />';
                echo $row['Name'].'<br/>';
            }
            ?>

        <input type="submit" name="find" value="Find"/>
        <input type="submit" name="reload" value="Back"/>
        </form>
        <?php
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Coverage Type name";
        }
        }
        if(isset($_POST['reload'])){
            header('Location: http://localhost:8888/PHP3/coverageTypeDetails.php');
        }
        if(isset($_POST['back'])){
            header('Location: http://localhost:8888/PHP3/mainPage.php');
        }
        if($display == "yes"){?>
        <form action="coverageTypeDetails.php" method ="post">
        <label for ="name">Coverage Type Name:</label>
        <input type ="text" id="name" name ="name"/><br/>
        <input type ="submit" value="Save" name ="save" />
        <input type ="submit" value="Delete" name ="delete" />
        <input type ="submit" value="Search" name ="search" />
        <input type ="submit" value="Back" name ="back" />
        </form>
        <?php
        }
        }else{
            echo 'You aren\'t logged in! <br>';
            header('Refresh: 2; http://localhost:8888/PHP3/signIn.php');
            echo 'You will be transfered to Sign In page...';
        }
        ?>
    </body>
</html>